Hello, I'm having issues where pass reencrypts passwords whenever I do an "mv" operation. all of the passwords in the same directory get reencrypted even though nothing has changed for them.
I'm using pass v1.6.5 (debian sid) with gpg 2.1.18. I've looked at what's happening in the code around the message "reencrypting to" and tried the gpg commands that get key lists to compare them, and I'm getting a difference, hence the trigger to reencrypt. gpg --list-keys --with-colons <space-separated list of keys in .gpg-id> | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u ^ this shows the exact list of long key ids that correspond to the fingerprints that are present in .gpg-id gpg -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long ~/.password-store/path/to/file.gpg 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u ^ this has an empty first line, then the set of long key ids, then three garbage lines: ELG RSA instead those lines correspond to messages of the type: * gpg: using subkey xyz instead of primary key abc * gpg: encrypted with 4096-bit RSA key, ID xyz * gpg: encrypted with 4096-bit ELG key, ID xyz the emtpy line probably corresponds to the lines following the "encrypted with" messages, that show the uid of the key. It seems like pass will always reencrypt files because of that difference.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
